Identity and Access Management Flashcards

1
Q

Which of these does Mike give as an example of an inherence factor?

A) Hardware token
B) Username/password
C) Fingerprint reader
D) Smart card

A

C) Fingerprint reader

Fingerprint reader is correct. Hardware token and smart card are possession factors, and username/password is a knowledge factor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which type of access control is based on data labels?

A) DAC
B) MAC
C) RBAC
D) HMAC

A

B) MAC

MAC is correct. In DAC, the owner defines the data. In RBAC, an administrator uses a set of rules to define data authorization. HMAC is an authentication code and is not related to access control lists.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What determines the number of times you can unsuccessfully attempt to log in before you are shut out of the system for a specified period?

A) Local Security Policy
B) Maximum password age
C) Account lockout duration
D) Account lockout threshold

A

D) Account lockout threshold

Account lockout threshold is correct. Local Security Policy is where all of these settings are located; maximum password age only relates to how long a password is active before it must be changed; and account lockout duration is how long the user will be locked out of the system before he can attempt to log on again.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

In Linux file permissions, which action does the letter “r” allow?

A) Open a file
B) Edit a file
C) Run a file or execute a program
D) None of the above

A

A) Open a file

Open a file is correct. You need the “r” (read) permission to open a file, editing a file requires the “w” (write) permission, and the “x” (execute) permission enables you to run a file or execute a program.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or false: Mike says shared accounts are a good idea in an Enterprise environment.

A) True
B) False

A

B) False

False. He says shared accounts are a sign of lazy security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the RADIUS supplicant?

A) The system trying to authenticate
B) The system checking the authentication
C) The system acting as the gateway
D) The connection between the gateway and the system checking the authentication

A

A) The system trying to authenticate

The system trying to authenticate is correct. The system that checks the authentication is the RADIUS server. The system that acts as the gateway is the RADIUS client, and the last has nothing to do with RADIUS set-up or functionality.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Using Kerberos, what is the domain controller called?

A) PAP
B) CHAP
C) Gateway
D) Key distribution center

A

D) Key distribution center

Key distribution center is correct. PAP and CHAP are both authentication methods, and a gateway is the system that routes traffic from inside to outside a network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of these is a tool you could use to set up single sign on within a LAN?

A) SAML
B) Windows Active Directory
C) SAMBA
D) VPN

A

B) Windows Active Directory

Windows Active Directory is correct. SAML is used mainly for web applications, SAMBA is the protocol that allows Linux machines to use Active Directory, and VPN is used to access a network from far away.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly